Summary: | <net-libs/webkit-gtk-2.28.3: Multiple vulnerabilities (WSA-2020-0006) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sam James <sam> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | gnome |
Priority: | Normal | Keywords: | CC-ARCHES |
Version: | unspecified | Flags: | nattka:
sanity-check+
|
Hardware: | All | ||
OS: | Linux | ||
URL: | https://webkitgtk.org/security/WSA-2020-0006.html | ||
Whiteboard: | A2 [glsa+ cve] | ||
Package list: |
net-libs/webkit-gtk-2.28.3
|
Runtime testing required: | --- |
Bug Depends on: | 704182 | ||
Bug Blocks: |
Description
Sam James
2020-07-10 12:26:29 UTC
Please bump to 2.28.3. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=51bc67d156bf486792989c5e8e8ee19f43b32f11 commit 51bc67d156bf486792989c5e8e8ee19f43b32f11 Author: Mart Raudsepp <leio@gentoo.org> AuthorDate: 2020-07-11 10:47:06 +0000 Commit: Mart Raudsepp <leio@gentoo.org> CommitDate: 2020-07-11 13:33:45 +0000 net-libs/webkit-gtk: bump to 2.28.3 Also raise gtk-doc dependency and drop patch that kept compat with perl gtk-doc, as we now can do so without stabilization worries. Bug: https://bugs.gentoo.org/732104 Closes: https://bugs.gentoo.org/704550 Package-Manager: Portage-2.3.84, Repoman-2.3.20 Signed-off-by: Mart Raudsepp <leio@gentoo.org> net-libs/webkit-gtk/Manifest | 1 + .../webkit-gtk/files/2.28.3-non-jumbo-fix2.patch | 44 ++++ net-libs/webkit-gtk/webkit-gtk-2.28.3.ebuild | 290 +++++++++++++++++++++ 3 files changed, 335 insertions(+) arm64 stable amd64 stable x86 stable Need to cleanup but still blocked :( The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5006f73937044695f6a1317de58ef80d12b19b7a commit 5006f73937044695f6a1317de58ef80d12b19b7a Author: Mart Raudsepp <leio@gentoo.org> AuthorDate: 2020-07-19 05:58:49 +0000 Commit: Mart Raudsepp <leio@gentoo.org> CommitDate: 2020-07-19 05:59:37 +0000 net-libs/webkit-gtk: remove old Bug: https://bugs.gentoo.org/699156 Bug: https://bugs.gentoo.org/712260 Bug: https://bugs.gentoo.org/732104 Package-Manager: Portage-2.3.84, Repoman-2.3.20 Signed-off-by: Mart Raudsepp <leio@gentoo.org> net-libs/webkit-gtk/Manifest | 3 - .../files/2.26.2-fix-arm-non-unified-build.patch | 27 -- net-libs/webkit-gtk/files/2.26.3-fix-gtk-doc.patch | 27 -- .../webkit-gtk/files/2.28.2-fix-ppc64-JSC.patch | 59 ----- .../files/2.28.2-fix-yelp-desktopless-build.patch | 53 ---- .../files/2.28.2-use-gst-audiointerleave.patch | 55 ---- .../files/webkit-gtk-2.24.4-icu-65.patch | 53 ---- net-libs/webkit-gtk/metadata.xml | 4 - net-libs/webkit-gtk/webkit-gtk-2.24.4.ebuild | 283 -------------------- net-libs/webkit-gtk/webkit-gtk-2.26.4-r1.ebuild | 286 -------------------- net-libs/webkit-gtk/webkit-gtk-2.28.2.ebuild | 293 --------------------- 11 files changed, 1143 deletions(-) This issue was resolved and addressed in GLSA 202007-11 at https://security.gentoo.org/glsa/202007-11 by GLSA coordinator Sam James (sam_c). |